CyberSecurity is using its expertise in security and forensics to expand its services to the masses.
In 1997, MyCERT (Malaysia Computer Emergency Response Team) was formed to tackle emerging security issues when the Internet was still in its infancy. It soon became a part of a bigger unit called Niser (National ICT Security and Emergency Response Centre) to guard our digital borders before finally becoming the entity we know today – CyberSecurity Malaysia.
Beyond the name change, CyberSecurity has also evolved as an organisation, pushing the boundaries of what it can offer to government agencies, private sector and even the public.
Into the future
Housed in CyberSecurity’s facility in Seri Kembangan, Kuala Lumpur is the Cyber Forensic X lab where the organisation researches and develops cutting edge technologies to help combat digital crime.
The lab creates its own high grade tools so it doesn’t have to buy exorbitantly priced professional equipment, says CyberSecurity’s vice-president for cyber security responsive services, Dr Aswami Ariffin.
It is now developing facial recognition technologies using Microsoft Kinect, a peripheral for the Xbox One and Xbox 360 gaming consoles, which uses twin cameras and infra-red to track the player.
CyberSecurity chose Kinect because the software it’s working on will make Kinect function as well as any professional equipment but at a fraction of the cost.
Its technology works by identifying unique facial features of a person such as eye-to-eye distance, width of the nose, and shape of the cheekbone using the Kinect’s ability to sense depth.
The biometrics will then be used to find a match in a photo or video.
Sharpening the focus
As advanced as facial recognition technology is, it can only go so far, as it’s highly reliant on the quality of the video or photo that’s captured.
“Most CCTVs are only for show and even if they are in good working condition they capture very low quality footage and often are not of much help in criminal cases,” he says.
Most building owners install CCTVs to fulfil the requirement set by insurance companies, he laments, adding that most are not even strategically positioned.
In the murder case of Nurin Jazlin, a CCTV captured a motorcyclist dropping off a bag containing her remains in front of a shoplot but the footage was poor.
It was up to CyberSecurity to enhance the video but it could do little as the quality was beyond recovery. It even tried extracting multiple still images from the video but was unable to clearly identify the facial features, number plate or other useful information.
To prevent this problem, the organisation is drafting a Video Quality in Public Safety industry standard for CCTVs in public areas.
It’s still a work in progress but CyberSecurity is looking at recommending at least a 5-megapixel camera with 500GB of storage. The higher the quality, the bigger the storage space that will be required, he says.
The recommendations are based on its study of smart cities in Germany, South Korea and Japan where the use of high quality CCTVs have kept the crime to a minimum.
CyberSecurity is also offers certification through its MyCC (Malaysian Common Criteria Evaluation and Certification) scheme.
The scheme evaluates and certifies the security functionality of security products against the ISO/IEC 15408 standard.
On guard
Earlier this year, the agency launched a new service called CyberDEF to help organisations mitigate attacks such as Advanced Persistent Threats which targets a single entity.
It will help organisations identify loopholes, vulnerabilities and existing threats in their network by collaborating with international partners.
Instead of just providing software support, CyberSecurity will perform drills on-premise to test the readiness of the organisation to handle cyber attacks.
CyberDEF will assist organisations in developing a structured and coordinated approach to handling security incidents with the help of well-defined policies and procedures, he says.
“This includes setting up a response team for organisations that don’t have one yet,” he says.
“The exercise is structured around a scenario that includes several incidents involving the most common types of attacks. The members need to perform their investigation/analysis of the incident and come out with the mitigation solution.”
If a threat is detected, CyberSecurity will perform data recovery services and data sanitisation services, if needed.
However, a lot of cyber attacks today still use social engineering to trick users into revealing their password or installing malware on their machines.
For instance, the Stuxnet attack on Iranian nuclear facility relied on infecting the USB drives of the employees to get the malware into the facility.
“The modus operandi of cyber criminals have changed. Back in the early days, the target were machines and systems but today the human is the weakest link,” he says.
To educate the public it has started a CyberSAFE initiative to raise the awareness on potential risks and issues facing Internet users.
Its most recent campaign was Digi CyberSAFE where it reached out to school children and teachers.
Data rescue
For the public, CyberSecurity offers two main services – Cyber999 and CyberSecurity Clinic (MyCSC).
Cyber999 is a hotline (1-300-88-2999) for users to report computer security incidents while MyCSC offers consultation, as well as repair and recovery services for computers, hard disks and smartphones.
“To date hundreds of thousands of incidents have been reported to us, including problems as minor as laptop issues, and we are capable of handling almost anything that relates to Internet and digital,” says Aswami.
One of the sought after services is data recovery from a faulty hard disk, which is handled by MyCSC.
Aswami says that in most cases the problem is due to the hard disk’s malfunctioning mechanical arm or electrical board.
Failures are usually caused by impact or drops which will most likely damage the mechanical arm or electrical spikes or surges that fries the board.
To initiate recovery, CyberSecurity will first have to replace the damaged part and this is made difficult by the fact that companies release new models very quickly and phase out the older ones.
Although it has a well stocked store for crucial parts, at times it has to resort to purchasing second hand models from the Internet, he says.
Simple data recover from a damaged thumbdrive costs about RM100 but for hard disks the cost depends on the storage size and complexity of the repair, generally costing about RM500 or more.
For a proper quote, CyberSecurity has to first diagnose the issues, he says.
“Our prices are very competitive compared with data recover service offered by the private sector,” says Aswami.
But what’s even more important is the data – customers need to trust the organisation they are handing their information to.
“We are a government agency and trust is important to us. Users do not have to worry about privacy or tempering,” he says.
“When we perform our analysis, we look into the files unless there is a need to do so as we have strict ethical guidelines.”
Already a subscriber? Log in
Get 20% OFF The Star Digital Access
Cancel anytime. Ad-free. Unlimited access with perks.
